Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo INTRADO

Group: royal

Discovered by ransomware.live: 2022-12-27

Estimated attack date: 2022-12-27

Description:

internal documents \ passports \ employee driver's licenses


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse cscglobal.com
MX Records
  • intrado-com.mail.protection.outlook.com.
TXT Records
  • _globalsign-domain-verification=AmgTovmK8NOFj6S848ssOdeA5Bd3_iMnjIqO-PlLlh
  • adobe-sign-verification=7a0a6074baddce9afd8d1f4ab0b2091
  • apple-domain-verification=YAfBikMa6FGusyGJ
  • atlassian-domain-verification=jI8KJW9RmvjnJ1G+qxWBIrdMQIp2VrQ2KfmuzjJHmrRlfo9Hcq8cvFd+Saxoceqo
  • cloudflare-verify.intrado.com-138854623-2OO6424092811111
  • hubspot-developer-verification=NmZiNWE2NTEtODljMS00ZTExLWIyYzctZTcwZTAxZjBlYzY5
  • jamf-site-verification=BinA3UWZZ51fmJfC66JLrQ
  • onx=ecf16fba-024a-4566-8bdd-7a7f4c6ca78f
  • trnuut0hthtm793si55c0nhcqb
  • twilio-domain-verification=2f2e55b10e1d06909b9e5884ede71064
  • v=spf1 include:spf.protection.outlook.com include:everbridge.net include:amazonses.com include:_spf.salesforce.com ip4:216.57.96.0/20 ip4:64.58.48.0/20 ip4:8.41.31.194 ?all
  • webexdomainverification.=8290937f-1912-4a26-9ba5-6e316e7d6078
  • 4eg8dh74o3msmlmp990drpn5oc
  • MS=DC3334AFB4D5C6511C578ED7FA2F80B755C48B87
  • MS=ms26921342
  • MS=ms51811290
Cloud / SaaS Services Detected
Apple Atlassian Amazon SES/WorkMail Microsoft 365 Salesforce Twilio JamF Cisco Webex